Glad that it interested you..! Anyway, I wonder if ICS TSslHttpCli uses EV
SSL certs and whether it is vulnerable.
On Wed, Jul 22, 2009 at 10:09 PM, Francois PIETTE <francois.pie...@skynet.be
> What I understand from the article is that it is not SSL which is cracked,
> but a design flaw in webbroser which is exploited.
> Mike Zusman, principal consultant at Intrepidus Group, and Alex Sotirov,
> an independent
> security researcher, have identified a Web browser design flaw that allows
> an attacker to
> conduct a "Man-in-the-Middle" attack against Web sites with Extended
> Validation (EV)
> Secure Sockets Layer (SSL) certificates.
> This is very different than cracking SSL !
> Probably webbrowser editors will soon fix their implementation.
> The author of the freeware multi-tier middleware MidWare
> The author of the freeware Internet Component Suite (ICS)
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be